Merge branch 'main' into jc-clark/actions-bug-fixes-2023.11.22

JonnyZockt · Nov 27, 2023 · 9cc9fbc · 9cc9fbc
2 parents 34452b6 + 6d54fb6
commit 9cc9fbc
Show file tree

Hide file tree

Showing 99 changed files with 472 additions and 268 deletions.
diff --git a/.github/workflows/move-content.yml b/.github/workflows/move-content.yml
@@ -0,0 +1,63 @@
+name: Move content script test
+
+# **What it does**: Tests the `npm run move-content` script
+# **Why we have it**: To be sure it continues to work as expected
+# **Who does it impact**: Docs team.
+
+on:
+  pull_request:
+    paths:
+      - src/content-render/scripts/move-content.js
+      - 'src/frame/lib/**/*.js'
+      - .github/workflows/move-content.yml
+
+permissions:
+  contents: read
+
+jobs:
+  move-content-test:
+    if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+
+      - uses: ./.github/actions/node-npm-setup
+
+      - name: Set up a dummy git user
+        run: |
+          # These must be set to something before running the move-content
+          # script because it depends on executing `git mv ...`
+          # and `git commit ...`
+          git config --global user.name any-body
+          git config --global user.email "[email protected]"
+
+      - name: Move hello-world.md to hello-wurld.md
+        env:
+          ROOT: src/fixtures/fixtures
+        run: |
+          npm run move-content -- \
+            src/fixtures/fixtures/content/get-started/quickstart/hello-world.md \
+            src/fixtures/fixtures/content/get-started/quickstart/hello-wurld.md
+
+          node src/content-render/scripts/test-moved-content.js \
+            src/fixtures/fixtures/content/get-started/quickstart/hello-world.md \
+            src/fixtures/fixtures/content/get-started/quickstart/hello-wurld.md
+
+          # TODO: Add tests that inspects the git log
+          git log | head -n 100
+
+      - name: Move code-security/getting-started to code-security/got-started
+        env:
+          ROOT: src/fixtures/fixtures
+        run: |
+          npm run move-content -- \
+            src/fixtures/fixtures/content/code-security/getting-started \
+            src/fixtures/fixtures/content/code-security/got-started
+
+          node src/content-render/scripts/test-moved-content.js \
+            src/fixtures/fixtures/content/code-security/getting-started \
+            src/fixtures/fixtures/content/code-security/got-started
+
+          # TODO: Add tests that inspects the git log
+          git log | head -n 100
diff --git a/Dockerfile b/Dockerfile
@@ -5,7 +5,7 @@
 # --------------------------------------------------------------------------------
 # To update the sha, run `docker pull node:$VERSION-alpine`
 # look for something like: `Digest: sha256:0123456789abcdef`
-FROM node:20-alpine@sha256:002b6ee25b63b81dc4e47c9378ffe20915c3fa0e98e834c46584438468b1d0b5 as base
+FROM node:20-alpine@sha256:b1789b7be6aa16afd642eaaaccdeeeb33bd8f08e69b3d27d931aa9665b731f01 as base
 
 # This directory is owned by the node user
 ARG APP_HOME=/home/node/app

diff --git a/assets/images/help/codespaces/prebuilds-regions.png b/assets/images/help/codespaces/prebuilds-regions.png
diff --git a/...d-notifications-on-github/setting-up-notifications/configuring-notifications.md b/...d-notifications-on-github/setting-up-notifications/configuring-notifications.md
@@ -192,7 +192,7 @@ If you belong to an organization, you can choose the email account you want noti
 
 ### Customizing email routes per organization
 
-If you are a member of more than one organization, you can configure each one to send notifications to any of{% ifversion fpt or ghec %} your verified email addresses{% else %} the email addresses for your account{% endif %}. {% ifversion fpt or ghec %} For more information, see "[AUTOTITLE](/get-started/signing-up-for-github/verifying-your-email-address)."{% endif %}
+If you are a member of more than one organization, you can configure each one to send notifications to any of{% ifversion fpt or ghec %} your verified email addresses{% else %} the email addresses for your account{% endif %}. {% ifversion fpt or ghec %} For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)."{% endif %}
 
 {% data reusables.notifications.access_notifications %}
 {% data reusables.notifications-v2.manage-notifications %}

diff --git a/...s-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile.md b/...s-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile.md
@@ -38,8 +38,7 @@ Before you can connect your {% ifversion fpt or ghec %}{% data variables.product
 
 {% ifversion fpt or ghec %}
 
-- To send enterprise contributions from {% data variables.product.prodname_ghe_server %} to your {% data variables.product.prodname_dotcom_the_website %} profile, see "[AUTOTITLE](/enterprise-server@latest/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile)" in the {% data variables.product.prodname_ghe_server %} documentation.
-- To send enterprise contributions from {% data variables.product.prodname_ghe_managed %} to your {% data variables.product.prodname_dotcom_the_website %} profile, see "[AUTOTITLE](/github-ae@latest/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile)" in the {% data variables.product.prodname_ghe_managed %} documentation.
+To send enterprise contributions from {% data variables.product.prodname_ghe_server %} to your {% data variables.product.prodname_dotcom_the_website %} profile, see "[AUTOTITLE](/enterprise-server@latest/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/sending-enterprise-contributions-to-your-githubcom-profile)" in the {% data variables.product.prodname_ghe_server %} documentation.
 
 {% elsif ghes %}
 

diff --git a/...o-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md b/...o-your-personal-repositories/inviting-collaborators-to-a-personal-repository.md
@@ -43,7 +43,7 @@ You can send an invitation to collaborate in your repository directly to someone
 
 {% endif %}
 
-1. Ask for the username of the person you're inviting as a collaborator.{% ifversion fpt or ghec %} If they don't have a username yet, they can sign up for {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/get-started/signing-up-for-github/signing-up-for-a-new-github-account)."{% endif %}
+1. Ask for the username of the person you're inviting as a collaborator.{% ifversion fpt or ghec %} If they don't have a username yet, they can sign up for {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/get-started/quickstart/creating-an-account-on-github)."{% endif %}
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 1. In the "Access" section of the sidebar, click **{% octicon "people" aria-hidden="true" %} Collaborators**.

diff --git a/...unt-on-github/managing-email-preferences/changing-your-primary-email-address.md b/...unt-on-github/managing-email-preferences/changing-your-primary-email-address.md
@@ -27,5 +27,5 @@ shortTitle: Primary email address
 1. Under "Primary email address", use the drop-down menu to click the email address you'd like to set as your primary email address, and click **Save**.
 1. To remove the old email address from your account, next to the old email, click {% octicon "trash" aria-label="The trash symbol" %}.
 {% ifversion fpt or ghec %}
-1. Verify your new primary email address. Without a verified email address, you won't be able to use all of {% data variables.product.product_name %}'s features. For more information, see "[AUTOTITLE](/get-started/signing-up-for-github/verifying-your-email-address)."
+1. Verify your new primary email address. Without a verified email address, you won't be able to use all of {% data variables.product.product_name %}'s features. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)."
 {% endif %}
diff --git a/...nd-managing-your-personal-account-on-github/managing-email-preferences/index.md b/...nd-managing-your-personal-account-on-github/managing-email-preferences/index.md
@@ -17,6 +17,7 @@ topics:
 children:
   - /adding-an-email-address-to-your-github-account
   - /changing-your-primary-email-address
+  - /verifying-your-email-address
   - /setting-a-backup-email-address
   - /setting-your-commit-email-address
   - /blocking-command-line-pushes-that-expose-your-personal-email-address
@@ -25,4 +26,3 @@ children:
   - /managing-marketing-emails-from-github
 shortTitle: Manage email preferences
 ---
-
diff --git a/...-github/managing-email-preferences/remembering-your-github-username-or-email.md b/...-github/managing-email-preferences/remembering-your-github-username-or-email.md
@@ -73,5 +73,5 @@ Your user name is what immediately follows the `https://{% data variables.comman
 
 ## Further reading
 
-- "[AUTOTITLE](/get-started/signing-up-for-github/verifying-your-email-address)"
+- "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)"
 {% endif %}
diff --git a/...or-github/verifying-your-email-address.md → ...eferences/verifying-your-email-address.md b/...or-github/verifying-your-email-address.md → ...eferences/verifying-your-email-address.md
@@ -7,6 +7,7 @@ redirect_from:
   - /articles/verifying-your-email-address
   - /github/getting-started-with-github/verifying-your-email-address
   - /github/getting-started-with-github/signing-up-for-github/verifying-your-email-address
+  - /get-started/signing-up-for-github/verifying-your-email-address
 versions:
   fpt: '*'
   ghec: '*'
@@ -47,7 +48,7 @@ If you do not verify your email address, you will not be able to:
 {% data reusables.user-settings.emails %}
 1. Under your email address, click **Resend verification email**.
 
-   ![Screenshot of a list of email addresses on the "Emails" page. Under an email address, a link, labeled "Resend verification email," is outlined in orange.](/assets/images/help/settings/email-verify-button.png)
+   ![Screenshot of email addresses on the "Emails" page. Under an email address, a link, labeled "Resend verification email," is outlined in orange.](/assets/images/help/settings/email-verify-button.png)
 1. {% data variables.product.prodname_dotcom %} will send you an email with a link in it. After you click that link, you'll be taken to your {% data variables.product.prodname_dotcom %} dashboard and see a confirmation banner.
 
 ## Troubleshooting email verification
@@ -58,7 +59,7 @@ If you do not verify your email address, you will not be able to:
 
 ### Error page after clicking verification link
 
-The verification link expires after 24 hours. If you don't verify your email within 24 hours, you can request another email verification link. For more information, see "[AUTOTITLE](/get-started/signing-up-for-github/verifying-your-email-address)."
+The verification link expires after 24 hours. If you don't verify your email within 24 hours, you can request another email verification link. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address#verifying-your-email-address)."
 
 If you click on the link in the confirmation email within 24 hours and you are directed to an error page, you should ensure that you're signed into the correct account on {% data variables.location.product_location %}.
 

diff --git a/...ithub/managing-your-personal-account/best-practices-for-leaving-your-company.md b/...ithub/managing-your-personal-account/best-practices-for-leaving-your-company.md
@@ -19,7 +19,7 @@ Before you leave your company, make sure you update the following information in
 
 - Unverify your company email address by [deleting it in your Email settings](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/changing-your-primary-email-address). You can then re-add it without verifying to keep any associated commits linked to your account.
 - [Change your primary email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/changing-your-primary-email-address) from your company email to your personal email.
-- [Verify your new primary email address](/get-started/signing-up-for-github/verifying-your-email-address).
+- [Verify your new primary email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address).
 - [Change your GitHub username](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-user-account-settings/changing-your-github-username) to remove any references to your company or organization, if necessary.
 - If you've enabled two-factor (2FA) authentication for your personal account, make sure that you (not your company) control the 2FA authentication method you have configured. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)."
 

diff --git a/...hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md b/...hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md
@@ -71,11 +71,7 @@ Edit the trust policy, adding the `sub` field to the validation conditions. For
 
 If you use a workflow with an environment, the `sub` field must reference the environment name: `repo:OWNER/REPOSITORY:environment:NAME`. For more information, see "[AUTOTITLE](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token)."
 
-{% note %}
-
-**Note**: When using an environment in a workflow it is strongly recommend to protect access by configuring deployment protection rules. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules)."
-
-{% endnote %}
+{% data reusables.actions.oidc-deployment-protection-rules %}
 
 ```json copy
 "Condition": {

diff --git a/...ment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md b/...ment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md
@@ -58,6 +58,8 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
 1. Add permissions settings for the token.
 1. Use the [`azure/login`](https://github.com/Azure/login) action to exchange the OIDC token (JWT) for a cloud access token.
 
+{% data reusables.actions.oidc-deployment-protection-rules %}
+
 ### Adding permissions settings
 
  {% data reusables.actions.oidc-permissions-token %}

diff --git a/...ity-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md b/...ity-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md
@@ -33,6 +33,8 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
 
 If your cloud provider doesn't yet offer an official action, you can update your workflows to perform these steps manually.
 
+{% data reusables.actions.oidc-deployment-protection-rules %}
+
 ### Adding permissions settings
 
  {% data reusables.actions.oidc-permissions-token %}

diff --git a/...rdening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md b/...rdening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md
@@ -45,6 +45,8 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
 1. Add permissions settings for the token.
 1. Use the [`google-github-actions/auth`](https://github.com/google-github-actions/auth) action to exchange the OIDC token (JWT) for a cloud access token.
 
+{% data reusables.actions.oidc-deployment-protection-rules %}
+
 ### Adding permissions settings
 
  {% data reusables.actions.oidc-permissions-token %}

diff --git a/...ity-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md b/...ity-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md
@@ -93,6 +93,8 @@ To update your workflows for OIDC, you will need to make two changes to your YAM
 1. Add permissions settings for the token.
 1. Use the [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) action to exchange the OIDC token (JWT) for a cloud access token.
 
+{% data reusables.actions.oidc-deployment-protection-rules %}
+
 To add OIDC integration to your workflows that allow them to access secrets in Vault, you will need to add the following code changes:
 
 - Grant permission to fetch the token from the {% data variables.product.prodname_dotcom %} OIDC provider:

diff --git a/...yment/security-hardening-your-deployments/configuring-openid-connect-in-pypi.md b/...yment/security-hardening-your-deployments/configuring-openid-connect-in-pypi.md
@@ -47,6 +47,8 @@ To use OIDC with PyPI, add a trust configuration that links each project on PyPI
 
 Once your trusted publisher is registered on PyPI, you can update your release workflow to use trusted publishing.
 
+{% data reusables.actions.oidc-deployment-protection-rules %}
+
 The [`pypa/gh-action-pypi-publish`](https://github.com/marketplace/actions/pypi-publish) action has built-in support for trusted publishing, which can be enabled by giving its containing job the `id-token: write` permission and omitting `username` and `password`.
 
 The following example uses the `pypa/gh-action-pypi-publish` action to exchange an OIDC token for a PyPI API token, which is then used to upload a package's release distributions to PyPI.

diff --git a/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md b/content/actions/managing-issues-and-pull-requests/adding-labels-to-issues.md
@@ -19,11 +19,11 @@ topics:
 
 ## Introduction
 
-This tutorial demonstrates how to use the [`actions/github-script` action](https://github.com/marketplace/actions/github-script) in a workflow to label newly opened or reopened issues. For example, you can add the `triage` label every time an issue is opened or reopened. Then, you can see all issues that need to be triaged by filtering for issues with the `triage` label.
+This tutorial demonstrates how to use the {% data variables.product.prodname_cli %} in a workflow to label newly opened or reopened issues. For example, you can add the `triage` label every time an issue is opened or reopened. Then, you can see all issues that need to be triaged by filtering for issues with the `triage` label.
 
-The `actions/github-script` action allows you to easily use the {% data variables.product.prodname_dotcom %} API in a workflow.
+The {% data variables.product.prodname_cli %} allows you to easily use the {% data variables.product.prodname_dotcom %} API in a workflow.
 
-In the tutorial, you will first make a workflow file that uses the [`actions/github-script` action](https://github.com/marketplace/actions/github-script). Then, you will customize the workflow to suit your needs.
+In the tutorial, you will first make a workflow file that uses the {% data variables.product.prodname_cli %}. Then, you will customize the workflow to suit your needs.
 
 ## Creating the workflow
 
@@ -44,20 +44,17 @@ In the tutorial, you will first make a workflow file that uses the [`actions/git
         permissions:
           issues: write
         steps:
-          - uses: {% data reusables.actions.action-github-script %}
-            with:
-              script: |
-                github.rest.issues.addLabels({
-                  issue_number: context.issue.number,
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  labels: ["triage"]
-                })
+          - run: gh issue edit "$NUMBER" --add-label "$LABELS"
+            env:
+              GITHUB_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
+              GH_REPO: {% raw %}${{ github.repository }}{% endraw %}
+              NUMBER: {% raw %}${{ github.event.issue.number }}{% endraw %}
+              LABELS: triage
     ```
 
-1. Customize the `script` parameter in your workflow file:
-   - The `issue_number`, `owner`, and `repo` values are automatically set using the `context` object. You do not need to change these.
-   - Change the value for `labels` to the list of labels that you want to add to the issue. Separate multiple labels with commas. For example, `["help wanted", "good first issue"]`. For more information about labels, see "[AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels#applying-labels-to-issues-and-pull-requests)."
+1. Customize the `env` values in your workflow file:
+   - The `GITHUB_TOKEN`, `GH_REPO`, and `NUMBER` values are automatically set using the `github` and `secrets` contexts. You do not need to change these.
+   - Change the value for `LABELS` to the list of labels that you want to add to the issue. The label(s) must exist for your repository. Separate multiple labels with commas. For example, `help wanted,good first issue`. For more information about labels, see "[AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels#applying-labels-to-issues-and-pull-requests)."
 1. {% data reusables.actions.commit-workflow %}
 
 ## Testing the workflow
@@ -72,6 +69,6 @@ Test out your workflow by creating an issue in your repository.
 
 ## Next steps
 
-- To learn more about additional things you can do with the `actions/github-script` action, see the [`actions/github-script` action documentation](https://github.com/marketplace/actions/github-script).
+- To learn more about additional things you can do with the {% data variables.product.prodname_cli %}, see the [GitHub CLI manual](https://cli.github.com/manual/).
 - To learn more about different events that can trigger your workflow, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#issues)."
-- [Search GitHub](https://github.com/search?q=%22uses:+actions/github-script%22&type=code) for examples of workflows using this action.
+- [Search GitHub](https://github.com/search?q=path%3A.github%2Fworkflows+gh+issue+edit&type=code) for examples of workflows using `gh issue edit`.